Harry Brown: Online security and safety

March 19, 2010

It is amazing that in a relatively short period of time, many of us have come to rely so much, on the online world for some of our standard services. That could be buying books or groceries, banking and if you are a medic –education, learning and professional development. Of course we can still perform these tasks via the traditional “bricks and mortar” methods and establishments but slowly yet surely we are performing many tasks online which previously we performed offline. However both the virtual and real world need to provide some form of security to protect their users from fraud and malicious abuse of their property such as credit cards and other financial resources, as well as identity fraud. In addition to security, it is important to consider resilience, stability and safety when dealing with internet issues.

This was brought home to me when recently I tried to log on to update my National Health Service (NHS) appraisal toolkit where I keep my on going professional self development and appraisal information. Unfortunately it was not there and was not accessible. My first reaction was that thankfully I had made a backup of my work at this site, which is held on the hard drive of my PC. Subsequently this message appeared on the home page “The NHS Appraisal Toolkit (ATK) has been temporarily taken offline in order to make improvements to the security systems of the website.” I also found this statement which helped to clarify the problem, click here to read more. Thankfully this excellent site is back online and it is now business as usual but it does make you think.

Of course this episode highlights the whole issue of using an online service which you have come to depend on. In this case, the disappearance was short lived but because it was about security, it does make you think about your own security whilst out there on the internet. Think about your online identity and how you go about protecting it, after all it is surprising how many online traces you leave of yourself. Sure websites have a responsibility of keeping themselves safe and secure and in the example I have just given, the site owners have taken the issue very seriously. However we should all take responsibility to protect our online identities and safety. It is not just a matter of having the latest internet security suite (which contains a viral scanner and firewall, spam filter etc), which of course is important.

For example, if you have a social network site profile, how accessible is that to the general internet community and how much personal information is on that, even to people that you give full permission to view? A simple Google search on your name or using something a little more specialised such as this can generate significant amounts of personal information and some of it you may not wish to broadcast. Or maybe you did not realise how easy it was to find this information on line. Dates of birth, mother’s maiden name and nicknames which could be passwords are relatively easy to glean without too much technical knowledge. Access to such information could unlock the key to your on line bank accounts for example.

A simple email can be analysed and be traced very easily thanks to online tools. Every email carries information which though it appears to be hidden can in fact be easily accessed. This is called a header and it can tell you about the journey of that email and hence information about the person who sent you that email. Just pop the header information into a service such as http://www.ip-adress.com/trace_email/ and see what information you can obtain.

Bearing in mind these points about online security, we as doctors have always been protective of patient medical records, correctly citing confidentiality aspects. After all many patients trust us and confidentiality of medical information and records is crucial to this relationship. Making medical records available online to trusted and relevant parties such as appropriate health professionals (to which the patient grants their consent) is an obvious progression, as long as online security is maintained to the highest level. Interestingly there have been calls to make medical records more available and accessible “as easily as ordering a pizza” according to this article. Online access could facilitate this but could it also compromise security?

Meanwhile how confident are you, that your online security is optimised? I am sure there is room for improvement for all of us. If you want some basic advice, this is a good place to start .

Harry Brown is a general practitioner in Leeds

You can comment on this article and these websites mentioned on this blog and suggest others to be included in future Netlines. Alternatively, email Harry Brown at DrHarry@DrHarry.net

Information for Authors

BMJ Opinion provides comment and opinion written by The BMJ's international community of readers, authors, and editors.

We welcome submissions for consideration. Your article should be clear, compelling, and appeal to our international readership of doctors and other health professionals. The best pieces make a single topical point. They are well argued with new insights.